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WE CLAIM: 



1 . A data management system including: 

a database for storing a plurality of data libraries; and 

5 an interface for controlling storage of data in the data libraries of said 

database and allowing access to said data by a plurality of external organisations, 
each organisation including one or more respective members; wherein 

the interface includes a security structure controlling access of the members 
of the organisations to the data. 

10 2. A system according to claim 1 wherein the organisations operate 

respective data storage/communication systems and include an external connection to 
the database. 

3. A system according to claim 3 wherein the data 
storage/communication systems include respective administrator rights for the 

15 respective systems. 

4. A system according to claim 1 wherein access of the members to the 
data includes at least reading, writing and editing of the data. 

5. A system according to claim 1 wherein the data libraries have 
different respective ownerships. 

20 6. A system according to claim 1 wherein one or more of the data 

libraries is owned by a respective organisation. 

7. A system according to claim 1 wherein the security structure allows 
the members to request operation of functions with respect to the database, the 
functions including access to the data. 



25 



8. 



A system according to claim 7 wherein, when a member of one of the 
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organisations requests a function, security structure requires that the ID of the 
member be authenticated. 

9. A system according to claim 7 wherein the security structure includes 
a list of functions available to respective members of the organisations and, when a 

5 member of one of the organisations requests a function, the security structure requires 
that it be determined that the requested function is available to the member. 

10. A system according to claim 9 wherein the security structure includes, 
for each organisation, one or more roles, each role relating to one or more functions 
and defining the members of the organisation entitled to operate the one or more 

1 0 functions of the role. 

11. A system according to claim 1 0 wherein the security structure 
includes one or more templates, each template providing a list of one or more 
functions and the roles having pointers to the templates so as to indicate the one or 
more functions available to the members defined for the role. 

15 12. A system according to claim 7 wherein the security structure includes, 

for each respective organisation, an indication of all others of the organisations to 
which said respective organisation is visible and, when a member of one of the 
organisations requests a function, the security structure requires that it be determined 
that the function does not require access to data of a data library owned by an 

20 organisation which is not visible to the organisation of the member. 

13. A system according to claim 7 wherein the security structure provides 
for each target of a function to have associated with it one or more permissions, the 
permissions allowing defined functions to be operated by defined members and, 
when a member of one of the organisations requires a function, the security structure 

25 requires that it be determined that the requested function and said member be 
included in the permissions of the target of the function. 

14. A system according to claim 7 wherein the security structure provides 
for each function to allow multiple targets. 
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15. A system, method or structure wherein data files of said data libraries 
have associated permissions, the permissions allowing defined functions to be 
operated upon respective data files by defined members and, when a member of one 
of the organisations requests a function on a data file, the security structure requires 

5 that it be determined that the requested function and said member are included in the 
permissions of the data file. 

1 6. A method of providing a plurality of external organisations with 
access to a common database containing a plurality of data libraries, each 
organisation including one or more respective members, the method including the 

10 steps of a security structure for controlling access of members of the organisations to 
the data. 

17. A method according to claim 16 wherein the organisations operate 
respective data storage/communication systems and include an external connection to 
the database. 

15 18. A method according to claim 1 7 wherein the data 

storage/communication systems include respective administrator rights for the 
respective systems. 

19. A method according to claim 16 wherein access of the members to the 
data includes at least reading, writing and editing of the data. 

20 20. A method according to claim 16 wherein the data libraries have 

different respective ownerships. 

21 . A method according to claim 16 wherein one or more of the data 
libraries is owned by a respective organisation. 

22. A method according to claim 16 wherein the security structure allows 
25 the members to request operation of functions with respect to the database, the 

functions including access to the data. 



23. A method according to claim 22 wherein, when a member of one of 
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the organisations requests a function, security structure requires that the ID of the 
member be authenticated. 

24. A method according to claim 22 wherein the security structure 
includes a list of functions available to respective members of the organisations and, 

5 when a member of one of the organisations requests a function, the security structure 
requires that it be determined that the requested function is available to the member. 

25. A method according to claim 24 wherein the security structure 
includes, for each organisation, one or more roles, each role relating to one or more 
functions and defining the members of the organisation entitled to operate the one or 

10 more functions of the role. 

26. A method according to claim 25 wherein the security structure 
includes one or more templates, each template providing a list of one or more 
functions and the roles having pointers to the templates so as to indicate the one or 
more functions available to the members defined for the role. 

15 27. A method according to claim 22 wherein the security structure 

includes, for each respective organisation, an indication of all others of the 
organisations to which said respective organisation is visible and, when a member of 
one of the organisations requests a function, the security structure requires that it be 
determined that the function does not require access to data of a data library owned 

20 by an organisation which is not visible to the organisation of the member. 

28. A method according to claim 22 wherein the security structure 
provides for each target of a function to have associated with it one or more 
permissions, the permissions allowing defined functions to be operated by defined 
members and, when a member of one of the organisations requires a function, the 

25 security structure requires that it be determined that the requested function and said 
member be included in the permissions of the target of the function. 

29. A method according to claim 22 wherein the security structure 
provides for each function to allow multiple targets. 
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30. A security structure for use with a database storing a plurality of data 
libraries, the security structure allowing an interface between different external 
organisations and data of the data libraries, each organisation having one or more 
respective members and the security structure controlling access of the members of 

5 different organisations to the data of the data. 

31 . A structure according to claim 30 wherein the organisations operate 
respective data storage/communication systems and include an external connection to 
the database. 

32. A structure according to claim 3 1 wherein the data 

10 storage/communication systems include respective administrator rights for the 
respective systems. 

33. A structure according to claim 30 wherein access of the members to 
the data includes at least reading, writing and editing of the data. 

34. A structure according to claim 30 wherein the data libraries have 
1 5 different respective ownerships. 

35. A structure according to claim 30 wherein one or more of the data 
libraries is owned by a respective organisation. 

36. A structure according to claim 30 wherein the security structure 
allows the members to request operation of functions with respect to the database, the 

20 functions including access to the data. 

37. A structure according to claim 36 wherein, when a member of one of 
the organisations requests a function, security structure requires that the ID of the 
member be authenticated. 

38. A structure according to claim 36 wherein the security structure 

25 includes a list of functions available to respective members of the organisations and, 
when a member of one of the organisations requests a function, the security structure 
requires that it be determined that the requested function is available to the member. 
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39. A structure according to claim 38 wherein the security structure 
includes, for each organisation, one or more roles, each role relating to one or more 
functions and defining the members of the organisation entitled to operate the one or 
more functions of the role. 

5 40. A structure according to claim 39 wherein the security structure 

includes one or more templates, each template providing a list of one or more 
functions and the roles having pointers to the templates so as to indicate the one or 
more functions available to the members defined for the role. 

41 . A structure according to claim 36 wherein the security structure 
10 includes, for each respective organisation, an indication of all others of the 

organisations to which said respective organisation is visible and, when a member of 
one of the organisations requests a function, the security structure requires that it be 
determined that the function does not require access to data of a data library owned 
by an organisation which is not visible to the organisation of the member. 

15 42. A structure according to claim 36 wherein the security structure 

provides for each target of a function to have associated with it one or more 
permissions, the permissions allowing defined functions to be operated by defined 
members and, when a member of one of the organisations requires a function, the 
security structure requires that it be determined that the requested function and said 

20 member be included in the permissions of the target of the function. 

43. A structure according to claim 36 wherein the security structure 
provides for each function to allow multiple targets. 

44. A computer program comprising program code means for performing 
all the steps of the method of claim 16 when said program is run of a computer. 

25 45. A computer program product comprising program code means stored 

on a computer readable medium for performing all the steps of claim 16 when said 
program product is run on a computer. 



